CN109691015B - 一种区块链上的动态访问控制方法及系统 - Google Patents

一种区块链上的动态访问控制方法及系统 Download PDF

Info

Publication number
CN109691015B
CN109691015B CN201780053286.1A CN201780053286A CN109691015B CN 109691015 B CN109691015 B CN 109691015B CN 201780053286 A CN201780053286 A CN 201780053286A CN 109691015 B CN109691015 B CN 109691015B
Authority
CN
China
Prior art keywords
capability
capabilities
sender
target
blockchain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201780053286.1A
Other languages
English (en)
Chinese (zh)
Other versions
CN109691015A (zh
Inventor
M·斯泰普斯
P·林木巴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Commonwealth Scientific and Industrial Research Organization CSIRO
Original Assignee
Commonwealth Scientific and Industrial Research Organization CSIRO
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2016903450A external-priority patent/AU2016903450A0/en
Application filed by Commonwealth Scientific and Industrial Research Organization CSIRO filed Critical Commonwealth Scientific and Industrial Research Organization CSIRO
Publication of CN109691015A publication Critical patent/CN109691015A/zh
Application granted granted Critical
Publication of CN109691015B publication Critical patent/CN109691015B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)
CN201780053286.1A 2016-08-30 2017-08-30 一种区块链上的动态访问控制方法及系统 Active CN109691015B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
AU2016903450 2016-08-30
AU2016903450A AU2016903450A0 (en) 2016-08-30 Dynamic Access Rights on Blockchain
PCT/AU2017/050928 WO2018039722A1 (en) 2016-08-30 2017-08-30 Dynamic access control on blockchain

Publications (2)

Publication Number Publication Date
CN109691015A CN109691015A (zh) 2019-04-26
CN109691015B true CN109691015B (zh) 2022-02-01

Family

ID=61299529

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780053286.1A Active CN109691015B (zh) 2016-08-30 2017-08-30 一种区块链上的动态访问控制方法及系统

Country Status (7)

Country Link
US (1) US11153092B2 (ja)
EP (1) EP3479519B1 (ja)
JP (1) JP7019697B2 (ja)
KR (1) KR102480035B1 (ja)
CN (1) CN109691015B (ja)
AU (1) AU2017320341B2 (ja)
WO (1) WO2018039722A1 (ja)

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10936721B1 (en) * 2018-03-01 2021-03-02 Amdocs Development Limited System, method, and computer program for splitting and distributing a privileged software component into dependent components in order to deliver better security
EP3420668B1 (en) 2016-02-23 2023-08-23 nChain Licensing AG Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts
EP3860037A1 (en) 2016-02-23 2021-08-04 Nchain Holdings Limited Cryptographic method and system for secure extraction of data from a blockchain
KR101999188B1 (ko) 2016-02-23 2019-07-11 엔체인 홀딩스 리미티드 비밀 공유를 위한 타원 곡선 암호를 사용하는 개인용 장치 보안
KR20180114942A (ko) 2016-02-23 2018-10-19 엔체인 홀딩스 리미티드 분산형 해시 테이블 및 블록체인을 사용하여 컴퓨터 소프트웨어를 보호하기 위한 방법 및 시스템
SG10202011640TA (en) 2016-02-23 2021-01-28 Nchain Holdings Ltd System and method for controlling asset-related actions via a blockchain
GB2561727A (en) 2016-02-23 2018-10-24 Nchain Holdings Ltd Blockchain-based exchange with tokenisation
AU2017223129A1 (en) 2016-02-23 2018-07-12 nChain Holdings Limited Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
CA3013182A1 (en) 2016-02-23 2017-08-31 nChain Holdings Limited Universal tokenisation system for blockchain-based cryptocurrencies
EP3420517B1 (en) 2016-02-23 2022-07-06 nChain Holdings Limited A method and system for the secure transfer of entities on a blockchain
SG10202011641RA (en) 2016-02-23 2021-01-28 Nchain Holdings Ltd Tokenisation method and system for implementing exchanges on a blockchain
EP3754901A1 (en) * 2016-02-23 2020-12-23 Nchain Holdings Limited Blockchain implemented counting system and method for use in secure voting and distribution
SG11201805472RA (en) 2016-02-23 2018-07-30 Nchain Holdings Ltd Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
CA3227439A1 (en) 2016-02-23 2017-08-31 nChain Holdings Limited Registry and automated management method for blockchain-enforced smart contracts
CN113595726A (zh) 2016-02-23 2021-11-02 区块链控股有限公司 用于控制和分发数字内容的区块链实现的方法
EP3683707A4 (en) * 2017-09-14 2020-10-14 Sony Corporation INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING PROCESS AND PROGRAM
US11449634B2 (en) * 2017-10-24 2022-09-20 Tzero Ip, Llc Federated personally identifiable information (PII) service
TWI677213B (zh) * 2017-11-23 2019-11-11 財團法人資訊工業策進會 監控裝置、方法及其電腦程式產品
CN108492180B (zh) 2018-02-14 2020-11-24 创新先进技术有限公司 资产管理方法及装置、电子设备
CN110290094B (zh) * 2018-03-19 2022-03-11 华为技术有限公司 一种数据访问权限的控制方法和装置
US20210044589A1 (en) * 2018-03-25 2021-02-11 British Telecommunications Public Limited Company Access control
US11888985B2 (en) * 2018-04-06 2024-01-30 Nippon Telegraph And Telephone Corporation Blockchain system, registration terminal, approval terminal, smart contract registration method, and smart contract registration program
EP3557496A1 (en) * 2018-04-18 2019-10-23 Chain IP Holdings, Inc. Multiple layer smart-contract
CN112204555A (zh) * 2018-04-30 2021-01-08 锂离子工业公司 电力基础设施安全系统
US11669914B2 (en) 2018-05-06 2023-06-06 Strong Force TX Portfolio 2018, LLC Adaptive intelligence and shared infrastructure lending transaction enablement platform responsive to crowd sourced information
CA3098670A1 (en) 2018-05-06 2019-11-14 Strong Force TX Portfolio 2018, LLC Methods and systems for improving machines and systems that automate execution of distributed ledger and other transactions in spot and forward markets for energy, compute, storage and other resources
JP6730369B2 (ja) * 2018-05-16 2020-07-29 株式会社日立製作所 利用管理方法、利用管理システム、および、ノード
CN109190409B (zh) * 2018-09-14 2020-09-01 京东数字科技控股有限公司 记录信息传播路径的方法、装置、设备及可读存储介质
EP3637342A1 (en) * 2018-10-08 2020-04-15 CTF Markets GmbH Method and system for auditable and incentive compatible prevention of front-running
US10958421B2 (en) 2018-11-20 2021-03-23 International Business Machines Corporation User access control in blockchain
JP6756914B2 (ja) 2018-11-27 2020-09-16 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited ブロックチェーンネットワーク内のファンクションアズアサービス(FaaS)プラットフォーム
EP3549028A4 (en) * 2018-11-30 2020-01-15 Alibaba Group Holding Limited SCHEME FOR STRUCTURING BLOCKCHAIN DATA RELATIONSHIPS BASED ON REPLICATION OF BINARY LOG REPLICATION
US11405182B2 (en) 2018-12-03 2022-08-02 Ebay Inc. Adaptive security for smart contracts using high granularity metrics
US11250125B2 (en) 2018-12-03 2022-02-15 Ebay Inc. Highly scalable permissioned block chains
US11263315B2 (en) 2018-12-03 2022-03-01 Ebay Inc. System level function based access control for smart contract execution on a blockchain
US10733152B2 (en) * 2018-12-29 2020-08-04 Alibaba Group Holding Limited System and method for implementing native contract on blockchain
US11086847B2 (en) 2018-12-29 2021-08-10 Advanced New Technologies Co., Ltd. System and method for implementing native contract on blockchain
CN109828847B (zh) * 2019-01-25 2023-09-01 平安科技(深圳)有限公司 基于区块链的锁处理方法、装置、计算机设备及存储介质
CN111033468B (zh) 2019-03-26 2024-04-19 创新先进技术有限公司 实施不同类型的区块链合约的系统和方法
US11201726B2 (en) 2019-05-02 2021-12-14 International Business Machines Corporation Multi-layered image encoding for data block
CN110598454B (zh) * 2019-09-20 2021-07-06 腾讯科技(深圳)有限公司 区块链中的数据处理方法、装置、存储介质和计算机设备
KR20210059547A (ko) 2019-11-15 2021-05-25 서강대학교산학협력단 스마트 컨트랙트를 기반으로 한 데이터 암호화 가능한 블록체인 네트워크
CN110807189B (zh) * 2019-11-15 2023-07-07 内蒙古大学 一种区块链访问控制中的权限分割方法
CN111291420B (zh) * 2020-01-21 2022-11-11 国家市场监督管理总局信息中心 一种基于区块链的分布式离链数据存储方法
US11982993B2 (en) 2020-02-03 2024-05-14 Strong Force TX Portfolio 2018, LLC AI solution selection for an automated robotic process
CN111327618B (zh) * 2020-02-25 2023-04-18 上海链民信息科技有限公司 一种基于区块链的精准访问控制方法、装置及系统
CN111444524B (zh) * 2020-03-26 2023-11-10 广州智慧城市发展研究院 一种基于联盟链的动态双访问控制机制
CN114024700B (zh) * 2020-07-17 2024-03-26 中国电信股份有限公司 基于区块链的数据文件的访问控制方法、介质及装置
CN114117507B (zh) * 2020-08-28 2024-01-30 中国电信股份有限公司 对象存储系统及其访问控制方法和设备、存储介质
GB202018919D0 (en) * 2020-12-01 2021-01-13 Smarter Contracts Ltd Consent Management
US11271716B1 (en) 2021-01-28 2022-03-08 Emtruth, Inc. Blockchain-based data management of distributed binary objects
KR102549385B1 (ko) * 2022-11-03 2023-06-29 주식회사 커먼컴퓨터 데이터 액세스 제어 제공 방법 및 시스템

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105488431A (zh) * 2015-11-30 2016-04-13 布比(北京)网络技术有限公司 区块链系统权限管理方法和装置
CN105809062A (zh) * 2016-03-01 2016-07-27 布比(北京)网络技术有限公司 一种合约构建、执行方法及装置

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5263157A (en) 1990-02-15 1993-11-16 International Business Machines Corporation Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles
US8639625B1 (en) * 1995-02-13 2014-01-28 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
JP3765191B2 (ja) 1998-09-21 2006-04-12 富士ゼロックス株式会社 オブジェクトのアクセス管理方法
US7685123B1 (en) 2006-08-30 2010-03-23 Network Appliance, Inc. Method and system for controlling access to dynamically specified resources
US8285990B2 (en) 2007-05-14 2012-10-09 Future Wei Technologies, Inc. Method and system for authentication confirmation using extensible authentication protocol
US9338148B2 (en) * 2013-11-05 2016-05-10 Verizon Patent And Licensing Inc. Secure distributed information and password management
US9608829B2 (en) * 2014-07-25 2017-03-28 Blockchain Technologies Corporation System and method for creating a multi-branched blockchain with configurable protocol rules
WO2016189488A2 (en) 2015-05-27 2016-12-01 Vishal Gupta Universal original document validation platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105488431A (zh) * 2015-11-30 2016-04-13 布比(北京)网络技术有限公司 区块链系统权限管理方法和装置
CN105809062A (zh) * 2016-03-01 2016-07-27 布比(北京)网络技术有限公司 一种合约构建、执行方法及装置

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Decentralizing Privacy: Using Blockchain to Protect Personal Data;Guy Zyskind;《2015 IEEE Security and Privacy Workshops》;20150720;正文第II-V节,图1 *
Sayed Hadi Hashemi.World of Empowered IoT Users.《2016 IEEE First International Conference on Internet-of-Things Design and Implementation(IoTDI)》.2016,正文第III-VI节,图1-6. *
World of Empowered IoT Users;Sayed Hadi Hashemi;《2016 IEEE First International Conference on Internet-of-Things Design and Implementation(IoTDI)》;20160519;正文第III-VI节,图1-6 *

Also Published As

Publication number Publication date
JP7019697B2 (ja) 2022-02-15
EP3479519A1 (en) 2019-05-08
EP3479519A4 (en) 2020-02-19
AU2017320341B2 (en) 2022-04-28
AU2017320341A1 (en) 2019-02-14
KR102480035B1 (ko) 2022-12-21
CN109691015A (zh) 2019-04-26
KR20190042567A (ko) 2019-04-24
US11153092B2 (en) 2021-10-19
US20190199531A1 (en) 2019-06-27
EP3479519B1 (en) 2022-11-02
JP2019530109A (ja) 2019-10-17
WO2018039722A1 (en) 2018-03-08

Similar Documents

Publication Publication Date Title
CN109691015B (zh) 一种区块链上的动态访问控制方法及系统
Kannengießer et al. Trade-offs between distributed ledger technology characteristics
JP7236992B2 (ja) ブロックチェーンにより実現される方法及びシステム
CN109190410B (zh) 一种云存储环境下的基于区块链的日志行为审计方法
JP6877448B2 (ja) 分散ハッシュテーブル及びブロックチェーンを用いてコンピュータソフトウェアを保証する方法及びシステム
KR101987692B1 (ko) 블록체인 집행의 스마트 계약을 위한 레지스트리 및 자동화 관리 방법
US11347876B2 (en) Access control
US10956614B2 (en) Expendable access control
JP2019515534A (ja) 分散ハッシュテーブル及びピア・ツー・ピア分散型台帳を利用した契約の実行を制御する方法及びシステム
Ouaddah et al. Harnessing the power of blockchain technology to solve IoT security & privacy issues.
TW201741956A (zh) 使用區塊鏈實現邏輯閘功能
CN112738194A (zh) 一种安全运维管理的访问控制系统
CN111814172A (zh) 一种数据授权信息的获取方法、装置及设备
EP4165573A1 (en) Method, apparatus, and computer-readable medium for confederated rights and hierarchical key management
Hu et al. Blockchain for access control systems
Swarnkar et al. Security, privacy, trust management and performance optimization of blockchain technology
US11507945B2 (en) Method and system for usage of cryptocurrency, preventing financial crime
JP2023528649A (ja) ファイル検証システムおよび方法
Bagchi Using blockchain technology and smart contracts for access management in IoT devices
CN115048672A (zh) 基于区块链的数据审计方法和装置、处理器及电子设备
Lisi et al. Automated responsible disclosure of security vulnerabilities
Stampernas Blockchain technologies and smart contracts in the context of the Internet of Things
Esparza et al. An infrastructure for detecting and punishing malicious hosts using mobile agent watermarking
Kirstein et al. Phoenix: A formally verified regenerating vault
McKay et al. Cybersecurity Considerations in Blockchain-Based Solutions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant